Our Commitment to Information Security
Tactiv understand that information is at the heart of our business. Information security is one of our top priorities and we are transparent with our security program. We want our clients to feel informed and safe using our products and services.
That’s why we are proudly compliant with the International Organisation for Standardisation’s ‘ISO 27001’ standard of Information Security Management Systems (ISMS). The ISO 27001 is auditable, which ensures that we continuously maintain high standards of information security.
ISO 27001 in practice
This globally recognised certification assures a high degree of organisational data security through the adherence of a strict policy framework. Additionally, the ISO requires the development of information security policies and procedures to be implemented across the organisational hierarchy.
These policies and procedures include applied security controls across physical, digital, and operational domains:
- Physical Controls – Tangible considerations such as access control cards, security lights and surveillance cameras.
- Digital Controls – Technical considerations such as authentication procedures, infrastructure and network design choices, encryption methods and data storage practices.
- Operational Controls – Administrative considerations such as employee background checks and training, governance groups and least privilege access policies.
These considerations also apply to our Enquire software solution. Layered security approaches are built into Enquire’s application architecture, including controls such as role-based access permissions and authentication procedures.
Committed beyond ISO 27001
Through a holistic approach to defining security, we manage and mitigate risks that may not otherwise be considered. We continuously track changes in the Information Security space and update our procedures accordingly. Staff receives training on a regular basis to stay on top of developments in technology, information handling and procedures.
In addition to our ISO 27001 certification, independent auditors have recognised our compliance to complimentary standards of data security best practice.
Furthermore, Tactiv has procedures and practices in place that reach beyond the ISO 27001 Standard. Our staff is strongly encouraged to operate paperless, maintain a clean desk policy and be aware of surroundings during work. We work with a leading cyber security firm to train staff on the latest developments and execute regular pen tests to ensure the Enquire application remains secure from online vulnerabilities.
By taking a pro-active approach to information security management we give our clients the peace of mind necessary to make great decisions, every day.
If you’d like to know more about Tactiv’s security practices, please contact us.